package com.spica.platform.oauth.server.httpclient;

import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

import com.alibaba.fastjson.JSONObject;
/**
* @version 创建时间：2017年12月14日 上午11:13:53
* 类说明
*  http 授权码模式认证服务器的token
 *  授权码模式举例:
 *  假设现在想给www.javaboy.org这个网站引入github第三方登录功能,如果使用了oauth2的授权码模式,那么流程应该是这样的:
 *  1.首先www.javaboy.org这个网站相当于一个第三方应用,在该网站上,放一个登录超连接,用户(服务方的用户,如github用户)点击这个超连接
 *  就会去请求授权服务器(github的授权服务器)
 *  超级连接如AUTHORIZE_URL,这个链接分几部分:
 *  response_type=code:该参数表示授权类型,code表示要求返回授权码,拿到授权码后,再根据授权码去获取access_token
 *  client_id=owen:该参数表示客户端id,也就是第三方应用的id.有的读者可能对这个参数不理解,这里解释下:如果想让www.javaboy.org接入github第三方登录功能,开发者首先
 *  要去github开放平台注册,去填入第三方应用的基本信息,信息填写完成之后,会获取到一个APPID,在第三方应用发起授权请求时,需要携带上该APPID,也就是这里超连接中的client_id
 *  从这里我们可以看出,授权服务器在校验的时候,会做两件事,1.校验客户端的身份,2.校验用户身份
 *  redirect_uri:该参数表示在登录校验成功/失败后,跳转的地址,即校验成功后,跳转到www.javaboy.org的那个页面.跳转的时候还会携带上一个授权码参数,开发者再根据这个授权码获取access_token
 *  state:授权服务器会原封不动的返回该参数,通过对该参数的校验,可以防止CSRF攻击
 *  scope:该参数表示授权范围,即www.javaboy.org这个第三方应用拿着获取到的accesstoken能干什么
 *  以上是正规的oauth2标准的授权码模式需要的字段
 *
 *  由于spica项目自己实现了oauth2的服务端,调用的接口是/oauth/token,调用的参数是
 *  grant_type:同response_type
 *
*/
public class AuthCodeInvoker {

	private static final String BASE_URL="http://127.0.0.1:9900/api-user/users?page=1&limit=10";
	private static final String AUTHORIZE_URL = "http://127.0.0.1:8000/api-auth/oauth/authorize?response_type=code&client_id=owen&redirect_uri=http://127.0.0.1:9997/dashboard/login&state=abc&scope=app";
	private static final String TOKEN_URL = "http://127.0.0.1:8000/api-auth/oauth/token?grant_type=authorization_code&client_id=%s&client_secret=%s&redirect_uri=%s&code=%s" ;
	public static String access_token;

	private HttpClientBuilder httpClientBuilder;
	private CloseableHttpClient httpClient;

	// private static final Object MAPPER = new ObjectMapper();
	public void start() throws Exception {

		httpClientBuilder = HttpClientBuilder.create();
		// CloseableHttpClient httpClient = HttpClients.createDefault();
		// http POST
		// HttpClientBuilder httpClientBuilder = HttpClientBuilder.create();

		String RealTOKEN_URL = String.format(TOKEN_URL, "nqYtqx", "owen" ,"owen","http://127.0.0.1:9997/dashboard/login") ;

		HttpPost httpPost = new HttpPost(RealTOKEN_URL);
		// HttpGet httpGet = new HttpGet(url);

		httpClient = httpClientBuilder.build();
		CloseableHttpResponse response = null;
		try {

			response = httpClient.execute(httpPost);

			String content = EntityUtils.toString(response.getEntity(), "UTF-8");

			JSONObject  jsonObject = JSONObject.parseObject(content);
			access_token = jsonObject.getString("access_token");
			System.out.println("得到:access_token : " + access_token);
		} finally {
			if (response != null) {
				response.close();
			}

			httpClient.close();

		}



		String content = doAnotherGet(access_token);
		System.out.println(content);

	}

	private String doAnotherGet(String json) throws Exception {
		// 创建代理地址实例
		// HttpHost proxy = new HttpHost("10.1.249.58", 3128);
		// 创建路由 使用DefaultProxyRoutePlanner
		// DefaultProxyRoutePlanner routePlanner = new
		// DefaultProxyRoutePlanner(proxy);
		// 路由添加到httpclient 实例创建中
		// CloseableHttpClient httpClient
		// =HttpClients.custom().setRoutePlanner(routePlanner).build();
		//
		CloseableHttpClient httpClient = HttpClients.createDefault();
		// 创建http POST请求
		HttpGet httpGet = new HttpGet(BASE_URL);
		// HttpGet httpGet = new HttpGet(url);
		// URL url = new URL(BASE_URL);

		httpGet.addHeader("Authorization", "Bearer " + json);

		CloseableHttpResponse response = null;
		try {
			// 执行请求
			response = httpClient.execute(httpGet);
			// 判断返回状态是否为200

			String content = EntityUtils.toString(response.getEntity(), "UTF-8");

			return content;
		} finally {
			if (response != null) {
				response.close();
			}

			httpClient.close();
		}
	}


	public static void main(String[] args) throws Exception {
		new AuthCodeInvoker().start();

	}

}